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DETAILED ACTION 

1. Claims 1-49 have been examined. 

Specification 

2. The lengthy specification has not been checked to the extent necessary to 
determine the presence of all possible minor errors. Applicants cooperation is 
requested in correcting any errors of which applicant may become aware in the 
specification. 

3. The applicant is requested to review the specification and update the status of all 
co-pending applications made mention of, replacing attorney docket numbers with 
current U.S. application or patent numbers when appropriate. References to U.S. 
applications or patents should make it clear as to what the number refers (e.g. U.S. 
Patent No. #), instead of listing only the number. 

Claim Rejections - 35 USC §112 

4. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

5. Claims 8, 11, 18, 20, 29, 37, 40, 47 and 49 are rejected under 35 U.S.C. 112, 
second paragraph, as being indefinite for failing to particularly point out and distinctly 
claim the subject matter which applicant regards as the invention. 

6. Claims 8, 1 1, 18, 20, 29, 37, 40, 47 and 49 contain the trademark/trade name 
Forms Data Format. Where a trademark or trade name is used in a claim as a limitation 
to identify or describe a particular material or product, the claim does not comply with 
the requirements of 35 U.S.C. 112, second paragraph. See Ex parte Simpson, 218 
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USPQ 1020 (Bd. App. 1982). The claim scope is uncertain since the trademark or trade 
name cannot be used properly to identify any particular material or product. A 
trademark or trade name is used to identify a source of goods, and not the goods 
themselves. Thus, a trademark or trade name does not identify or describe the goods 
associated with the trademark or trade name. In the present case, the trademark/trade 
name is used to identify/describe a container object type and, accordingly, the 
identification/description is indefinite. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 1-7, 9-10, 12-17, 19, 21-28, 30-36, 38-39, 41-46, and 48 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over Schneier as applied to claim 1 , and 
further in view of Stallings. 

9. Schneier teaches a system for the communication of secure electronic mail using 
certificates. Schneier fails to teach explicitly requesting the recipient's certificate within 
the initial message. 

10. However, Stallings teaches authentication between two users (pg 451 figure 
14.6) within which certificates are used to verify the identity of each party and the 



Application/Control Number: 10/072,260 Page 4 

Art Unit: 2134 

certificates are presented and requested within the initial message denoted by Stallings 
as a phase. 

11. It is desirable within any secured communication system to be able to 
expeditiously authenticate between the two parties involved. Stallings teaches this 
method of quick reliable authentication using the SSL handshake protocol, by providing 
the server's certificate with the initial request for the clients certificate so as to provide 
for fewer communications between the two parties, as such decreasing the time spent 
on authenticating and increasing the security by initially being authenticated instead of 
waiting for several other messages to be exchanged. 

12. It would have been obvious to one of ordinary skill in the art at the time of the 
applicant's invention to combine the schema for authentication of parties under Stallings 
into the privacy enhanced mail system described by Schneier for the advantages of 
increased security and increased speed of communications. 

13. Regarding Claim 1: Generate a first container object (Schneier Fig 24.4-5) As 
shown an electronic message comprises the means for containing all necessary 
information related to the message. 

Containing a sender's certificate (Schneier Fig 24.5, Stallings Fig 14.6) As denoted the 
message contains the sender's certificate and additionally any necessary issuer's 
certificates. 

Containing a request for a recipient's certificate (Stallings Fig 14.6) Within the figure as 
shown by Stallings the container herein described as the message is composed of the 



Application/Control Number: 10/072,260 Page 5 

Art Unit: 2134 

sender's certificate, a certificate request, and other necessary information. In this way 
the message provides for requesting the certificate of the recipient. 
Container has a recognizable type (Schneier pg 577-578, Fig 24.4-5 , Stallings Fig 14.6) 
As described themessage has a recognizable type of an electronic mail message, and 
additionally provides for identification of the separate encryption protocols that may be 
used in forming the message. 

Transmit container to recipient's address (Schneier pg 577, 581 lines 12-18) As the 
message is described of being an email it is understood that an address of such a 
recipient is provided and logically transmitted thereto. 

14. Regarding Claim 2: Receive input from sender specifying recipient's address 
(Schneier pg 579, Fig 24.4-5) As within any typical email message the user must 
provide for the destination or recipient with which the communication is desired. 
Specifying one or more certificates of the sender (Schneier pg 577, 24.5) The message 
may contain one or more certificates of the sender depending on the nature of the 
certificate. If the certificate is issued by the sender itself, meaning the sender is a 
certificate authority (CA), then only that one certificate would be present. In the event 
the sender is not a CA then the issuer certificate would be available with the sender's 
certificate. 

15. Regarding Claims 3, 10, 15 and 19: transmitting/receiving the container by 
electronic mail (Schneier pg 577 lines 29-34) As described by Schneier the system 
provides electronic mail over the internet. 
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Transmitting/receiving by HTTP (Schneier pg 577 lines 29-34) As stated above the 
system provides for electronic mail over the internet. As it is known electronic mail is 
not confined to a single method but is provided for in many ways. Electronic mail is 
available over the internet via web-based email services such as Yahoo.com for 
example. In such an exemplary situation the container or message is communicated 
over HTTP to the end user for viewing, as such providing for transmission by HTTP. 
Transmitted/Received via a networked server (Schneier pg 577 lines 29-34) Any 
communications that take place via a network such as those stated herein occur 
through a networked server and as such information is received and sent through such 
means. 

16. Regarding Claim 4: First container object generated by a server (Schneier pg 
577 lines 29-34, Fig 24.5) The message is generated within the computer medium of 
either the sender's system or the server of the HTTP based web-mail system. In either 
instant case the computer within which the message is created is a server. In the case 
of the web-mail system the machine is a server of that email system allowing for those 
mail functions. In the case of the sender's system the computer acts as a server for 
basic functions such as the mail functionality of the system. A server is defined as the 
software component of one device that provides services for use by clients on the same 
or another device. 

17. Regarding Claims 5, and 16: Receive input selecting one or more of the multiple 
certificates (Schneier Fig 24.5, pg 579-582) The system of the sender provides the input 
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based on the nature of the sender's certificate, as stated above if the issuer is different 
than the originator (sender) then multiple certificates may be selected. 
Retrieve the selected certificates from a database (Schneier pg 579-582) As stated on 
page 579 lines 1-18 the certificates are certified by Certificate Authorities, which contain 
such certificates within databases. In order to provide the certificates the CA must 
retrieve those necessary certificates from a database. 

Include the selected certificates in the container object (Schneier Fig 24.5, Stallings Fig 
14.6) As noted the certificates are incorporated into the container (message). 

18. Regarding Claim 6: receive input from sender specifying a return address 
(Schneier pg 577 lines 28-34) The functionality of an electronic mail system requires 
the sender's address to be incorporated into the outgoing message 

Instructions for returning recipient's certificate (Stallings Fig 14.6, Schneier . Fig 24.4-5) 
The instructions for returning the certificate are simply the request itself and the return 
address as provided. 

Include address and instructions in the first container object (Stallings Fig 14.6, 
Schneier Fig 24.4-5) As shown these items are included in the message as necessary 
functional pieces. 

19. Regarding Claims 7, 17, and 22: object validation information to be used to 
validate the certificate (Stallings pg 454-455, Schneier Fig 24.4-5, pg 579) Along with 
any provided certificate there must be validation information as is the functional 
structure of such an item to allow the client to authenticate such means. This is 
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provided generally by way of listing of the CA and specific identification of the certificate 
in reference to its issuer. 

20. Regarding Claim 9: Receive a container having a type and recognize that type 
(Stallings fig 14.6, Schneier pg 578) As defined the message has a recognizable type of 
an electronic mail message, and additionally provides for identification of the separate 
encryption protocols that may be used in forming the message. 

Recognize the container may include a certificate (Schneier Fig 24.5) The message as 
defined contains a certificate 

Determine if the container object contains a certificate of the sender (Stallings Fig 14.6, 
Schneier Fig 24.5) The logical process of validating the sender determines if a 
certificate is present. 

21 . Regarding Claim 12: If certificate is valid, extract and store certificate (Schneier 
Fig 24.5, pg 579-581) The certificate if validated allows for reading of the message and 
decryption of the encrypted content and thus it is stored within the memory of the 
system. In the event a message does not authenticate it would not be retained since an 
invalid message serves no purpose but to waste resources of the system. 

22. Regarding Claim 13: Determine if the first container object has a request for a 
recipient's certificate (Schneier Fig 24.5) 

Respond to request (Stallings fig 14.6, Schneier pg 577 lines 28-34) As shown in the 
figure a response is constructed as a second message (phase) with the certificate of the 
recipient. 
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23. Regarding Claims 14 and 21: Generate a second container including a 
certificate of the recipient (Stallings fig 14.6, Schneier pg 577 lines 28-34) As is noted 
the certificate is included in a reply to the sender's request 

Extract a return address from the first container and transmit second container to that 
address (Schneier pg 577 lines 28-34) The structure of the message as outlined 
previously provides for a return address. 

24. Claims 23-28, 30-36, 38-39, 41-46, 48 are a computer program product 
instruction and method implementation of claims 1-7, 9-10, 12-17, 19, and 21-22, and 
as such are rejected on the same basis. 

25. Claims 8, 1 1 , 18, 20, 29, 37, 40, 47, and 49 as best understood are rejected 
under 35 U.S.C. 103(a) as being unpatentable over Schneier and Stallings as applied to 
claim 1, and further in view of The PDF Reference, Second Edition. 

26. Schneier and Stallings teach a system as in claim 1 for the exchange of 
certificates via electronic mail, but fail to teach the use of Forms Data Format. 

27. The PDF Reference, Second Edition teaches the use of The Forms Data Format 
for submission and retrieval of information (pg 485 lines 1-26) via a server. 

28. Separating out extra information from a message and forming it into a common 
file layout is a desirable feature since this process adds cross-platform compatibility and 
the advantages of increased security by allowing further methods of protecting the given 
data and additionally adding further functionality through the ability to append such a file 
to any message format. 
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29. It would have been obvious to one skilled in the art at the time of the applicant's 
invention to combine the Forms Data Format of the PDF Reference, Second Edition 
with the system outlined by Schneier and Stallings. The added functionality and 
security features that are obtained from such a combination are desirable within any 
such system. 



Conclusion 

30. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Applicant is reminded that in amending in response to a rejection 
of claims, the patentable novelty must be clearly shown in view of the state of art 
disclosed by the references cited and the objections made. Applicant must show how 
the amendments avoid such references and objections. See 37 CFR 1 . 1 1 1 (c). 

31 . Inquiries concerning this communication or earlier communications from the 
examiner should be directed to Thomas M. Szymanski who can be reached at (571) 
272-8574. The examiner's normal working schedule is between the hours 8:00am - 
4:30pm (EST), Monday - Friday. 

32. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse, can be reached at (571) 272-3838. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

33. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
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Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




